Maarch Rm@2.9 Security Vulnerabilities and Issues — Maarch Rm@2.9 CVE List

Lucene search

MaarchMaarch Rm2.9

3 matches found

CVE•added 2022/11/23 12:15 a.m.•50 views

CVE-2022-37774

There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. When accessing some specific document (pdf, email) from an archive, a preview is proposed by the application. This preview generates a URL including an md5 hash of the file accessed. The document's URL (https://{url}/tm...

5.3CVSS5.2AI score0.00191EPSS

CVE•added 2022/11/23 2:15 a.m.•47 views

CVE-2022-37772

Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.

7.5CVSS7.7AI score0.00118EPSS

CVE•added 2022/11/23 12:15 a.m.•47 views

CVE-2022-37773

An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases.

6.5CVSS6.9AI score0.00289EPSS